motioneye
python · motioneyeHeads-up
motionEye v0.43.1 Path Traversal in Picture and Movie Endpoints
motionEye v0.43.1 has a path traversal vulnerability in the picture and movie API endpoints due to missing '..' checks in get_medi
23 Jun 2026 · schedule it
python · motioneyeHeads-up
motionEye: Admin password hash exposed via world-readable config file
motionEye v0.43.1 and prior create /etc/motioneye/motion.conf with 644 permissions, exposing the admin password hash to local user
23 Jun 2026 · schedule it